Field of the Invention
This invention relates to the field of secure mobile device communication and, more particularly, to efficiently establishing secure mobile device communication for location-aware applications.
Description of the Related Art
Beacons are transmitter devices that broadcast signals received by mobile devices located relatively nearby. Typically, the beacons use a wireless technology for broadcasting signals. For example, beacons may use Bluetooth low energy (BLE) technology to broadcast the signal within a programmable range of 5 meters to 100 meters. The range may be an omnidirectional radius range. The signal includes at least identifiers identifying a location of the beacon that broadcast the signal. A location-aware application enabled on the mobile device that receives the broadcast signal sends information stored in the broadcast signal to a backend server. Various devices and technologies may be used to send information to the backend server. For example, at least routers, switches, a cellular network and the Internet may be used. The backend server determines whether the information is valid and sends a response to the mobile device indicating whether the information is valid. For example, the backend server may compare the received identifiers to stored valid identifiers.
If the identifiers are determined to be valid, then upon receiving the response, the location-aware application may execute one or more steps on the mobile device. The location-aware application may be used to check in on social media, receive rewards from a company, receive notices about offers and upcoming events, and so forth. Multiple vendors have provided location-aware applications using broadcast signals from beacons. For example, a user may claim a reward on a twentieth visit to a coffee shop. The user enters the coffee shop, where a beacon is placed just inside the door, and the user's mobile device receives the broadcast signal from this beacon. The identifiers in the broadcast signal from this beacon are verified by the backend server. The location-aware application on the mobile device determines there is a reward to claim, such as a coupon for a free drink, and provides a notification of the reward to the user.
Although the identifiers in the broadcast signal may be rotated with a given frequency, malicious users are able to capture the information in the broadcast signal, store the information and clone the generation of the information. Thus, a malicious user can program a beacon in another location away from the source location, such as the coffee shop, and broadcast a signal that copies, or spoofs, the original beacon. This process is also referred to as piggybacking. The backend server does not recognize that the spoofed information does not correspond to the original beacon, and sends a response to the malicious user's mobile device indicating the spoofed information is valid.
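The following sketch is an added illustration, not code from this document, of what the backend comparison described above can and cannot distinguish. The HMAC-based rotation scheme, the rotation period, the key and all names are assumptions made for the example.

```python
import hashlib
import hmac
from dataclasses import dataclass

ROTATION_SECONDS = 300  # assumed rotation period, not taken from the document
BEACON_KEYS = {"beacon-coffee-shop": b"constructed-demo-key"}  # constructed data


@dataclass(frozen=True)
class Report:
    """What the location-aware application forwards: the broadcast payload only."""
    beacon_id: str
    rotating_id: str
    received_at: int  # backend clock, in seconds


def rotating_id(beacon_id: str, now: int) -> str:
    """Identifier broadcast during the rotation window that contains `now`."""
    window = now // ROTATION_SECONDS
    mac = hmac.new(BEACON_KEYS[beacon_id], str(window).encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def backend_validate(report: Report) -> bool:
    """Compare the received identifier with the one the backend expects."""
    if report.beacon_id not in BEACON_KEYS:
        return False
    expected = rotating_id(report.beacon_id, report.received_at)
    return hmac.compare_digest(expected, report.rotating_id)


def demo() -> dict:
    t0 = 1_700_000_100  # constructed timestamp at the start of a rotation window
    payload = rotating_id("beacon-coffee-shop", t0)
    beacon = "beacon-coffee-shop"
    return {
        # Phone inside the shop hears the genuine beacon.
        "on_site": backend_validate(Report(beacon, payload, t0)),
        # Same bytes re-broadcast elsewhere one minute later: the report has
        # no field that ties it to the original beacon's location.
        "rebroadcast_elsewhere": backend_validate(Report(beacon, payload, t0 + 60)),
        # Same bytes after the identifier has rotated.
        "after_rotation": backend_validate(Report(beacon, payload, t0 + 600)),
    }


if __name__ == "__main__":
    print(demo())
```

Rotation only bounds how long a captured value stays acceptable; within the window, the backend's verdict depends on the payload bytes alone, which is why the re-broadcast report validates.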
Proximity authentication may be used to avoid piggybacking. However, to use proximity authentication, the user's mobile device is paired with the beacon, which includes exchanging encrypted messages while authenticating the user followed by un-pairing the mobile device from the beacon. The pairing process uses an indication of approval from the user. Therefore, this solution does not scale when a relatively high number of mobile devices are waiting for authentication. In addition, the user may miss an opportunity such as a reward, offer or notification from the location-aware application as the user did not notice a prompt for approval. Another solution is to use Global Positioning System (GPS) tracking, but this information may be spoofed as well.
In view of the above, improved systems and methods for efficiently establishing secure mobile device communication for location-aware applications are desired.